Why top and free inside containers don't show correct container memory (2018)
12 days ago
- #Linux
- #Memory Management
- #Containers
- Common misconception in Linux containers: tools like 'top' and 'free' report host memory, not container limits.
- Memory limits in containers are enforced via cgroups and are not visible in /proc/meminfo, which shows global memory stats.
- Demonstration of setting a 10MB memory limit in a container and observing memory allocation behavior.
- Explanation of why /proc/meminfo doesn't reflect container memory limits: unlike the process IDs in /proc, it is not namespaced.
- Deep dive into the kernel's memory management: how memory allocation is controlled and limited via cgroups.
- Tracing memory allocation attempts with bpftrace to observe cgroup memory limits in action.
- Closing thoughts on the ease of using bpftrace for kernel exploration and understanding memory limits.
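
To make the /proc/meminfo versus cgroup point concrete, here is an added example (not code from the summarized article) that reads the host-wide MemTotal and the cgroup limit separately and returns the smaller of the two. It assumes the standard cgroup mount at /sys/fs/cgroup, with `memory.max` for cgroup v2 and `memory/memory.limit_in_bytes` for v1; the function names and the sample files written by `demo()` are constructed for illustration.

```python
import os
import tempfile

# cgroup v1 reports "no limit" as a huge page-aligned number; v2 writes "max".
V1_UNLIMITED_FLOOR = 1 << 60

def meminfo_total_bytes(meminfo_path="/proc/meminfo"):
    """MemTotal from /proc/meminfo: host-wide, reported in kB."""
    with open(meminfo_path) as f:
        for line in f:
            if line.startswith("MemTotal:"):
                return int(line.split()[1]) * 1024
    raise ValueError("MemTotal not found in " + meminfo_path)

def cgroup_limit_bytes(cgroup_root="/sys/fs/cgroup"):
    """Memory limit of the visible cgroup, or None when unlimited or absent."""
    candidates = (
        os.path.join(cgroup_root, "memory.max"),                       # v2
        os.path.join(cgroup_root, "memory", "memory.limit_in_bytes"),  # v1
    )
    for path in candidates:
        try:
            with open(path) as f:
                raw = f.read().strip()
        except OSError:
            continue
        if raw == "max":
            return None
        value = int(raw)
        return None if value >= V1_UNLIMITED_FLOOR else value
    return None

def effective_limit_bytes(meminfo_path="/proc/meminfo", cgroup_root="/sys/fs/cgroup"):
    """What a container-aware tool should treat as total memory."""
    total = meminfo_total_bytes(meminfo_path)
    limit = cgroup_limit_bytes(cgroup_root)
    return total if limit is None else min(total, limit)

def demo():
    """Constructed files: a 16 GiB host and a 10 MiB cgroup v2 limit."""
    with tempfile.TemporaryDirectory() as d:
        meminfo = os.path.join(d, "meminfo")
        with open(meminfo, "w") as f:
            f.write("MemTotal:       16777216 kB\nMemFree:            1024 kB\n")
        with open(os.path.join(d, "memory.max"), "w") as f:
            f.write("10485760\n")
        return meminfo_total_bytes(meminfo), effective_limit_bytes(meminfo, d)

if __name__ == "__main__":
    print(demo())
```

Called with no arguments inside a container, `effective_limit_bytes()` reads the real files; sizing worker pools or caches from this value rather than from MemTotal avoids running into the cgroup limit.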